Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Search
Splunk Community
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
707 results
Sort by:
11-06-2023
07:56 AM
Hello, I have the below code. I'm trying to create a new column that extracts and pivots CareCnts, CoverCnts, NonCoverCnts, etc... (There are more but I have simplified). These |eval are related to t...
Labels
- Labels:
-
eval
-
field extraction
07-19-2022
01:44 AM
Hi,
I habe a table after using stats:
| stats values(durationSum) as duration by Fauf Station. How can I convert it to a table with only one line in such a format:
Fauf duration_Station1 ...
Labels
- Labels:
-
stats
-
table
-
transaction
10-19-2023
01:18 PM
Hello, I'm working in splunk enterprise 8.2.4 I have the below search index=Red msg="*COMPLETED Task*”
| spath output=logMessage path=msg
| rex field=logMessage "Message\|[^\t\{]*(?<json>{[^\...
05-14-2014
09:46 AM
I want to use a 'where' clause (which allows the comparison of two fields) as a pivot constraint. My original search is
index=maillog (event=SEND OR event=RECEIVE)
Which gives me all the s...
- Tags:
- constraints
- pivot
04-26-2018
04:03 PM
I'm trying to figure out how to build an excel-like pivot table using 3 or more columns. As example, I have this data:
customer1 project1 note1
customer1 project2
customer1 p...
02-14-2023
03:12 PM
...2 2/2/2023 Malicious 17 2/2/2023
I want to turn that table into a Pivot Table like this:
Scam Phishing Malicious 2/1/2023 5 18 23 2/2/2023 8 12 17 ...
What can I add to the query (or how can I...
Labels
- Labels:
-
dashboard
Show results in replies (9)
-
The problem is that your field name for count is actually "count(*)" and the chart command is doing...
-
Great, glad we got there in the end!
-
So when you are doing | dbxquery connection=abcd-local query="SELECT DATE_FORMAT(date(dts),GET_FOR...
-
It originates from the dts field based on this part of the original query: DATE_FORMAT(date(dts),G...
-
In your original question you posted an example of a table containing Scam 5 2/1/2023 ... which ...
-
...erminology. We have a database table with data that I want to display like an Excel pivot table would....
-
Use chart | chart sum(count) as count over rate_date by category_id Then if you want to rearrange...
-
When I append that string to the end of my query, it returns "No results found." pretty quickly.&nb...
-
Please take and post a screenshot of the data you can see immediately after your initial SPL exampl...
02-20-2017
07:02 AM
I have index=webserver_logs and source=security_logs and can search both in a single query:
index=webserver_logs | append [search source=security_logs]
I get a table with all events and just sele...
06-06-2014
09:04 AM
1 Karma
I have to use a root search in a pivot due to needing to join another data type. Is there a way to get _time to extract as Time? I have setup an eval in the pivot to extract the _time field but it w...
10-20-2013
02:34 PM
...reate a pivot, I've discovered that I can't figure out how to filter the pivot on more than one value of a particular attribute. For example, I'd like to be able to filter my pivot down to customers t...
Show results in replies (6)
-
...ttribute in the data this should be doable. Then you could just build a pivot based on that object.
-
Unfortunately Pivot is currently limited by an inability to set up OR operations with its filters....
-
I noticed that they have added options to pivot table filters. One that may fit here is "is in t...
-
...ocumentation/Splunk/latest/Pivot/UsingthePivotvisualizationeditor#Configure_a_filter_element
-
...R, for being able to use checkboxes to drive my dashboard panel (pivot searches)
-
...ith underlying pivot search - input forms being able for the user to give several values as f...
